
Libssh authentication bypass vulnerability (CVE-2018-10933)

An analysis of Censys Public Scan 20180807 (only port 22) to estimate the number of servers {potentially} vulnerable to the recent Libssh bug.

The most common hasshServer values for each libssh version:

| hasshServer | Server Identification String | Count |
| --- | --- | --- |
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 | 1076 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 | 406 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.3 | 321 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.2 | 51 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 | 22 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 | 16 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.3 | 8 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-libssh-0.7.1 | 6 |

hasshServer values of all observed libssh versions:

| hasshServer | Server Identification String | Count |
| --- | --- | --- |
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 | 1076 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.3 | 442 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 | 406 |
| 6b52d83483f50b8f01f406a47b0c730c | SSH-2.0-libssh_0.7.0 | 131 |
| 6e3fb87b7382dbced382641f012ced5e | SSH-2.0-libssh-0.7.0 | 98 |
| 525f9e1788267b077b6e2b2529492905 | SSH-2.0-libssh-0.7.0 | 74 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.2, SSH-2.0-libssh-0.7.3 | 59 |
| bf8ae9cb26a1222fe7b9323edd6f8814 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.1, SSH-2.0-libssh-0.6.3 | 37 |
| 85a34ecc072b7fee11a05e8208ffc2a2 | SSH-2.0-libssh_0.7.0 | 33 |
| 3cec38e362b52f605c3f619d2fa898a9 | SSH-2.0-libssh-0.6.0 | 28 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 | 22 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 | 16 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.7.0, SSH-2.0-libssh-0.7.1 | 15 |
| a3c5503aaac766fe70067eb7d7114046 | SSH-2.0-libssh_0.7.5 | 8 |
| a957df03ca15a1f0f532f55cb031d4a0 | SSH-2.0-libssh-0.6.3 | 6 |
| ff0e73523bfc6173fc6029705689efa5 | SSH-2.0-libssh_0.7.5 | 5 |
| 59553fa7f7cd28b35246771fa9a493ea | SSH-2.0-libssh-0.7.3 | 3 |
| 9e706fd7cb4747756448bbc74e27220b | SSH-2.0-libssh-0.6.0 | 2 |
| 7f0ad9c1c1b97136bb439aee56427bea | SSH-2.0-libssh-0.7.2 | 1 |
| c5e3f21bfd616e32afee0563dc27880d | SSH-2.0-libssh-0.7.3 | 1 |

Unique libssh hasshServers (not common with any other ssh servers):

| hasshServer | Server Identification String |
| --- | --- |
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.3 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 |
| 6e3fb87b7382dbced382641f012ced5e | SSH-2.0-libssh_0.7.0 |
| 525f9e1788267b077b6e2b2529492905 | SSH-2.0-libssh-0.7.0 |
| 3cec38e362b52f605c3f619d2fa898a9 | SSH-2.0-libssh-0.5.2, SSH-2.0-libssh-0.5.5, SSH-2.0-libssh-0.6.0 |
| 85a34ecc072b7fee11a05e8208ffc2a2 | SSH-2.0-libssh-0.7.0 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 |
| a3c5503aaac766fe70067eb7d7114046 | SSH-2.0-libssh_0.7.5 |
| a957df03ca15a1f0f532f55cb031d4a0 | SSH-2.0-libssh-0.6.3 |
| 59553fa7f7cd28b35246771fa9a493ea | SSH-2.0-libssh-0.7.3 |
| 9e706fd7cb4747756448bbc74e27220b | SSH-2.0-libssh-0.6.0 |
| 7f0ad9c1c1b97136bb439aee56427bea | SSH-2.0-libssh-0.7.2 |
| c5e3f21bfd616e32afee0563dc27880d | SSH-2.0-libssh-0.7.3 |
| f1ac99f2fbd8ecf3252d3dc9eb436e82 | SSH-2.0-libssh-0.7.3 |

libssh hasshServer values common with other ssh servers:

| hasshServer | Server Identification String |
| --- | --- |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-Gitee.com, SSH-2.0-HomeSSH-v1.1, SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3, SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, SSH-2.0-RESTRICTED, SSH-2.0-WingFTPServer, SSH-2.0-dropbear, SSH-2.0-elastic-sshd, SSH-2.0-libssh, SSH-2.0-libssh-0.7.2, SSH-2.0-libssh-0.7.3, SSH-2.0-sftpwrapper |
| 6b52d83483f50b8f01f406a47b0c730c | SSH-2.0-OpenSSH_6.8, SSH-2.0-libssh_0.7.0 |
| bf8ae9cb26a1222fe7b9323edd6f8814 | SSH-2.0-1.0.0(NET9), SSH-2.0-OpenSSH, SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.2_hpn13v11, SSH-2.0-OpenSSH_6.6.1, SSH-2.0-SSH-2.0-dropbear_2012.55, SSH-2.0-elastic-sshd, SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.1, SSH-2.0-libssh-0.6.3 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.5, SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.7.0, SSH-2.0-libssh-0.7.1, SSH-2.0-sftpwrapper |
| ff0e73523bfc6173fc6029705689efa5 | SSH-2.0-WingFTPServer, SSH-2.0-libssh_0.7.5 |
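
The grouping behind the unique/shared split above, as an added example (not the gist author's code): it aggregates (banner, hasshServer) records the way the tables do, then triages a host by fingerprint alone. The banner/hash pairings come from the tables; the rows, their counts and all function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records: (server identification string, hasshServer).
SAMPLE_RECORDS = [
    ("SSH-2.0-libssh-0.6.0", "489e30454fb8c5bdc15e54b24a80d109"),
    ("SSH-2.0-libssh-0.6.0", "489e30454fb8c5bdc15e54b24a80d109"),
    ("SSH-2.0-libssh-0.6.0", "300791d5ac0d0fe0c11c7591e1216691"),
    ("SSH-2.0-libssh-0.6.3", "300791d5ac0d0fe0c11c7591e1216691"),
    ("SSH-2.0-libssh_0.7.0", "6b52d83483f50b8f01f406a47b0c730c"),
    ("SSH-2.0-OpenSSH_6.8", "6b52d83483f50b8f01f406a47b0c730c"),
    ("SSH-2.0-WingFTPServer", "ff0e73523bfc6173fc6029705689efa5"),
    ("SSH-2.0-libssh_0.7.5", "ff0e73523bfc6173fc6029705689efa5"),
]

def is_libssh(banner):
    # The tables show "libssh-", "libssh_" and a bare "libssh"; a prefix match
    # on "libssh" alone would also catch libssh2, which is a different library.
    software = banner.split("-", 2)[-1].lower()
    return software == "libssh" or software.startswith(("libssh-", "libssh_"))

def fingerprint_table(records):
    """Group by hasshServer: distinct banners and number of libssh hosts."""
    table = defaultdict(lambda: {"banners": set(), "libssh_count": 0})
    for banner, hassh in records:
        table[hassh]["banners"].add(banner)
        table[hassh]["libssh_count"] += is_libssh(banner)
    # Keep only fingerprints seen with at least one libssh banner.
    return {h: row for h, row in table.items() if row["libssh_count"]}

def split_unique_shared(table):
    """Unique: every banner on the fingerprint is libssh. Shared: some are not."""
    unique, shared = {}, {}
    for hassh, row in table.items():
        only_libssh = all(is_libssh(b) for b in row["banners"])
        (unique if only_libssh else shared)[hassh] = sorted(row["banners"])
    return unique, shared

def classify(hassh, unique, shared):
    """Triage a host by fingerprint only, e.g. when its banner was changed."""
    if hassh in unique:
        return "libssh"      # fingerprint never seen with another server
    if hassh in shared:
        return "ambiguous"   # needs the banner or another signal to decide
    return "unknown"
```

A shared fingerprint cannot confirm or rule out libssh on its own, which is why the counts for those rows are only an upper bound on libssh hosts.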

blacknbunny commented Oct 19, 2018

Nice information, I share it on my post.
